From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web12.16600.1653228738261866826 for ; Sun, 22 May 2022 07:12:18 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=TXPvenam; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: jian.j.wang@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1653228738; x=1684764738; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=Ua5ZHTT0uQ/x8FzaSFjRGSqqh5A9zK2WyZVtB6+A8i4=; b=TXPvenamZVYlSZBN3JNiXf0DKBBsu6PmPwyBfdcL2jqWtSr+TadkAtam uVLvEm9KMDfMf+GoTqd2o5S31YruE+2plWj8XGo96z6WjX8dIbxXbWHDz fAjcZN/VzoxNiDmreNqTmptkdKZtbCiXbq5gTIrVS0QFC+UM/xw9G3mC/ inNtt9aZtV2ai9KTdlKaTuJGIdbC0TsARBuguhDiBjUeWtHNhudxguec0 5nCE0jeGnOP3Krlu00Ys61Y43keXqgKpKayiLyh4rh50tZotGm7/x0bnS piMTrD1QuATkKQYvRcsRLUl0cb/1m7Yg8hxNMNntBbg+To+8zdFpr2855 Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10355"; a="272714313" X-IronPort-AV: E=Sophos;i="5.91,244,1647327600"; d="scan'208";a="272714313" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 May 2022 07:12:17 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.91,244,1647327600"; d="scan'208";a="641076907" Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by fmsmga004.fm.intel.com with ESMTP; 22 May 2022 07:12:17 -0700 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Sun, 22 May 2022 07:12:17 -0700 Received: from orsmsx604.amr.corp.intel.com (10.22.229.17) by ORSMSX610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Sun, 22 May 2022 07:12:16 -0700 Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx604.amr.corp.intel.com (10.22.229.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Sun, 22 May 2022 07:12:16 -0700 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (104.47.56.174) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Sun, 22 May 2022 07:12:16 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hdhnZDDdDksTC0pIreY7n/l8yEpRfG1UNNUT4/0cZ30PkO2RKD3CmofBfANgsQXcQMi/a6i3i9GbS5bVsVRgUtm5xHNX+0oePI2E3r75aAqyoCuHUJQ/LUSXCzYdzT6Qth0vQ6Q03s+GQEqhrXHBxBH1xTrUVPUiwjHw5h8vX6EBJzIPl17e2OTIsuBX2Eslm5EcybqD9hk6LqJAUvysB0cGSatGgmJPMBT+9cvc1an3fhsGwImyy/nFvdvqr7OYDOUFEcds/nb5DlpIvGPvpuhWQF1p33F6VE3Hn2iACTQDIW4uKBFaIhBVdbLKW8gYtQScOlQ0absDlFoG6hxxsw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2ILyqRoEbcu7Q7pwF/M+qRT5Ws2UqScL8kXRPXU5y1g=; b=aFIY8iw59JoHDelOPH/k3Wh2lRhlU6g0lmcCjIzNkfTSV4un9mWxUbTJPvbwby+QOkeqEmm7+M7ZRtUYnHVFeEuUafcwE33galykivSujdXnimnIoLWLCdzzKmITiiuk+sR8NaNmRfN/bglFpZlevz6EIi8yjr6PSxYJBcNC9upbDUKR4B6o5sZlYoKGA0dNl900QybU9GFuzdVWCSuKu/ivHak6aibAeCFHEXKsXAf2FmQJETnVgu4HnLff6ldcru81W+AlW6nEYvjVPiZkcpDr3nGfte8V/Dc92MaZuMSZOBT1fsL9eNfMH/Jdk2/v9urxYy4XuIgTpOWmfp1pWA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from CO1PR11MB4945.namprd11.prod.outlook.com (2603:10b6:303:9c::8) by BN6PR11MB2050.namprd11.prod.outlook.com (2603:10b6:404:3c::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5273.19; Sun, 22 May 2022 14:12:15 +0000 Received: from CO1PR11MB4945.namprd11.prod.outlook.com ([fe80::a420:db2c:31db:7906]) by CO1PR11MB4945.namprd11.prod.outlook.com ([fe80::a420:db2c:31db:7906%9]) with mapi id 15.20.5273.022; Sun, 22 May 2022 14:12:15 +0000 From: "Wang, Jian J" To: "Vang, Judah" , "devel@edk2.groups.io" CC: "Yao, Jiewen" , "Mistry, Nishant C" Subject: Re: [Patch v2 12/28] SecurityPkg: Add new variable types and functions Thread-Topic: [Patch v2 12/28] SecurityPkg: Add new variable types and functions Thread-Index: AQHYW/O9H4+1v6Me8UWDlzD1KhZA5K0rEtCA Date: Sun, 22 May 2022 14:12:14 +0000 Message-ID: References: <20220429180430.3292-1-judah.vang@intel.com> <20220429180430.3292-13-judah.vang@intel.com> In-Reply-To: <20220429180430.3292-13-judah.vang@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-reaction: no-action dlp-version: 11.6.401.20 dlp-product: dlpe-windows authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 4ec4bf0b-825c-4b8e-d402-08da3bfd1282 x-ms-traffictypediagnostic: BN6PR11MB2050:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: DT3GokAuHwPZU3DRbruU28zu0Cdn238YkzcaRUReLwJSdzDm446esYmDcKc8LBeiV4lrANwAVNnyWxGgoRDGe3VLfTR7MsmgfmlgcPCUSYsEUbC+P2FqXu9QIZwGP3AO7h7yXyLJvCa1dSK6sqD9Y6s6cmP6BVfmYTDIUAXvI6VVqasNrflpcSb8xGy15SSf521zFHqwzugxvEK4KA0x8pNS6iHYJ6aJFMGz7rqgs+AZRDGyG4ez3YW64ihn81HvXGu83BBOfgWgpxyqLWnkL2jAvV7YA0U8U83uHkvgpfPYHvgtzpiGuqw11i/nzHsSZMRUTQmd6KbaRybYhuYI8Qfiq2kwj5jV/7MufpdBFXGev5Nva7eMbr5tAgE8cjH7SzOMqeyvRCe4Lhkss5gWEg1+kdS0Q+aFAYMaactwdDjnuzcByhB5SLIIROVMcsAEnTet/agX9X5q1YF8ZA5Fy8i3yYT8S3nRXCWuqlUoaZbQ4MP61/SYyEApJyLh/20JNlqgY+LgQ6t/HCbQpdJZ/xtgbcwEyDpE2vhaHHRaMF0AmjrWwE7l2aTBYTb3tTuxPfQsQc7iKwD3/lkksgdVzJR9ch9E4fZnFrQT572esapUno2HnSrKuWqO8k5V1l07ApbkBmbjtjdY65u7UiOlOFIJkPMG+GnvhQMkiP0rR8uy/R+Ma6wlptUfR9mFVEd4P4w0gAKbLcrbPOK846k29GLxgFgS6+JAm4iGUOBogpuvB4drYF/198o0Py+aMLUbsP2KvlYGn05CFefMCrIGdkv5XfMZeT1vQXFB/D1atHs= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CO1PR11MB4945.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(71200400001)(6506007)(508600001)(8936002)(86362001)(52536014)(966005)(26005)(107886003)(38070700005)(9686003)(122000001)(186003)(82960400001)(54906003)(53546011)(33656002)(110136005)(2906002)(66556008)(66476007)(15650500001)(7696005)(76116006)(64756008)(83380400001)(5660300002)(38100700002)(66446008)(316002)(66946007)(55016003)(4326008)(8676002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?pPfsvwI+qk3yg2PjUAF2WwI/L3spJb/acaJCl3bR+q21wPAtQhrgSThymtjh?= =?us-ascii?Q?TGUwTJH+1lpf20ekfTFer7oKrBUp5oID4ybcEwjMvRrLohaXsiEamObs3ohc?= =?us-ascii?Q?BnCV3u9VNgo5g0Ttpq3G303Rqq2DjulV/sQoqXmaGZa9fKhOE2K5aJ2MKfMb?= =?us-ascii?Q?+dMBYVP/xOGRxOF8Xz8cMzNFBmynK4mzpdTWEBoHxRV1eZ94YrEcBohEEOom?= =?us-ascii?Q?OmedLRo7dGrIlww53BHZP4Nn1+ploJEc9+CJtT/eN+6O6uFtwPS3TxDQyVwR?= =?us-ascii?Q?NbnJLjx6iDigpXpWTvrFcOgRHyuBKvcHWim/QQuRY2Zh3WjIIgqtlzDqWEms?= =?us-ascii?Q?/JVHYEmgquxyD7EZUgy+wBHbRDqH+H+ib4k0oGIsJdbm5mfAt4Dw3xwa2EYo?= =?us-ascii?Q?0/R5c/HKqxOMsSXs5a1HupNmEqMowPt3Fp18PlfsEdQuoYaUWatsV+bE9nYM?= =?us-ascii?Q?sTxXUFbMPp6DG4ZVn6Aa1Atch/euT/vMalpDv9cjFiChM8EwUHuJqaXapYlv?= =?us-ascii?Q?T+5LLhy6LNvr/5Yv/Ak56BOEYvCkbILj9RNnr6CtHHC3KAbgworwkv5Xtbmx?= =?us-ascii?Q?V/xoKrhDxJaV96UqlNvGaJdUl+dweuIBEykbAWg0pU+QQ2vNfL9ZwFBVPsJH?= =?us-ascii?Q?AKctgHiKNYgvic8AiJnI13f/ZCSQRyK54+AHE0T1aUUGz+5NZpv+LQwdCqjq?= =?us-ascii?Q?yLRQwufAo4WJS4DeXtbuZeZ/I258zO2MsQyMZPzR63f8OhqkZoMImlE+NyDj?= =?us-ascii?Q?pei9sSBkswMWnituNDyXW0YGXrHbS3auTtMdzFtpw6XallySbmqFTq9DU11B?= =?us-ascii?Q?giqH/jfxC/Omk59Jtfx5Y5unv/Y61AVwe9X7UsY6HEBuNGAuvdDVm4m0l7gH?= =?us-ascii?Q?o0d0oNJ1sc7jGOKaO826BPacpdq2zW9mDbA5IzPmcDhrGurZ1PvOClpugHk+?= =?us-ascii?Q?91k1erOQY54XuMGgiTKENt5iNBadibi3HfBX1itcjyG5wLdltbXNLhKc88QC?= =?us-ascii?Q?o7X5KZYZleixeh9fhS6Z/kF4m/QLsIEx+EgHe4Kwq9grWWDf8MTMnDYovxK1?= =?us-ascii?Q?FvT2GzKcCq542wEUFRGK1iDRsJKn62iFlVPlaYREEz6b+UT6hOFXjU6d4SN7?= =?us-ascii?Q?GwVjDcSVs18UWohA5KbZQFbuXZXrDeyVMxZ8+lBT/IOGoVw338qpkM+mZtwO?= =?us-ascii?Q?vHQnjpnkE5qZOGca55BkuA2mQomCaDGq6Edlcfqr+QL1bTWU2qf+lQbUiv7+?= =?us-ascii?Q?ZMlJYbiwXbWKROr9SznTgI/iQSnnNo3OTiKHM8YD5bQgiBX6TqyAJnSXMu+r?= =?us-ascii?Q?H3bK9jceG75IYOCte/s5t9TJumm3wL1KCNWcdDGR6/AQJ7r6aKX8c2yVLrgz?= =?us-ascii?Q?UdTd6Js6h2mM5jewLFyyf1Y7jYCLCd4ciY6W9XtGt8+rRoX+QiEdERMO0EjA?= =?us-ascii?Q?257nCXqa10muLL5dnM9KBOeSz6h5lmCqcwB/bLGOl6rYS5QqHMc1bnJzF+Sp?= =?us-ascii?Q?Jvtl0D1CI+lZM3L1L6q1XPfXiHnN9oCTJuKQ3SfAfafJ7e8WhHHnS+p+1zE4?= =?us-ascii?Q?M++hTiLv9EZ1mZ9zkbsNU2BAe+evdHC4lFhRexJi5Qwa+0wWta0tBFPJQrkT?= =?us-ascii?Q?Jaf97vqwE+asFwsqUssIjd8wZPFhAkQVj+wMW98txi4OQmM3qsEOWp312s4y?= =?us-ascii?Q?V25aA++tdwi4wRZCH76PHzpBns6NA8zTTlEx99h7NgNFwiOwfoiFEwyQrlAM?= =?us-ascii?Q?FzBPkO3JJA=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB4945.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4ec4bf0b-825c-4b8e-d402-08da3bfd1282 X-MS-Exchange-CrossTenant-originalarrivaltime: 22 May 2022 14:12:14.9050 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: N01WxiJUIMkgca7gc8KyDsoW711du2Vyp9m17Axfpe8bMRINSSIiAM/SaRKwhsu9b8renvmWQ4mwaeoopekJ0w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB2050 Return-Path: jian.j.wang@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Judah, Patch 11 is a library instance of RpmcLib which relies on changes introduce= d in this patch (12). You need to put this patch before patch 11. Regards, Jian > -----Original Message----- > From: Vang, Judah > Sent: Saturday, April 30, 2022 2:04 AM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Yao, Jiewen ; > Mistry, Nishant C > Subject: [Patch v2 12/28] SecurityPkg: Add new variable types and functio= ns >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2594 >=20 > Add new variable encryption/decryption function prototypes. > Add new variable digest structure. Add new Protected > variable function prototypes. Update RPMC APIs to Add > an index because there is could more than one counter. >=20 > Cc: Jian J Wang > Cc: Jiewen Yao > Cc: Nishant C Mistry > Signed-off-by: Jian J Wang > Signed-off-by: Nishant C Mistry > Signed-off-by: Judah Vang > --- > SecurityPkg/Include/Library/RpmcLib.h | 15 +++++--- > SecurityPkg/Include/Library/VariableKeyLib.h | 37 +++----------------- > 2 files changed, 16 insertions(+), 36 deletions(-) >=20 > diff --git a/SecurityPkg/Include/Library/RpmcLib.h > b/SecurityPkg/Include/Library/RpmcLib.h > index df4ba34ba8cf..cb71dfcd7e4d 100644 > --- a/SecurityPkg/Include/Library/RpmcLib.h > +++ b/SecurityPkg/Include/Library/RpmcLib.h > @@ -1,19 +1,23 @@ > /** @file > Public definitions for the Replay Protected Monotonic Counter (RPMC) L= ibrary. >=20 > -Copyright (c) 2020, Intel Corporation. All rights reserved.
> +Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > **/ >=20 > -#ifndef _RPMC_LIB_H_ > -#define _RPMC_LIB_H_ > +#ifndef RPMC_LIB_H_ > +#define RPMC_LIB_H_ >=20 > #include >=20 > +#define RPMC_COUNTER_1 0 > +#define RPMC_COUNTER_2 1 > + > /** > Requests the monotonic counter from the designated RPMC counter. >=20 > + @param[in] CounterIndex The RPMC index > @param[out] CounterValue A pointer to a buffer to store t= he RPMC > value. >=20 > @retval EFI_SUCCESS The operation completed successf= ully. > @@ -23,12 +27,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > EFI_STATUS > EFIAPI > RequestMonotonicCounter ( > + IN UINT8 CounterIndex, > OUT UINT32 *CounterValue > ); >=20 > /** > Increments the monotonic counter in the SPI flash device by 1. >=20 > + @param[in] CounterIndex The RPMC index > + > @retval EFI_SUCCESS The operation completed successf= ully. > @retval EFI_DEVICE_ERROR A device error occurred while at= tempting > to update the counter. > @retval EFI_UNSUPPORTED The operation is un-supported. > @@ -36,7 +43,7 @@ RequestMonotonicCounter ( > EFI_STATUS > EFIAPI > IncrementMonotonicCounter ( > - VOID > + IN UINT8 CounterIndex > ); >=20 > #endif > diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h > b/SecurityPkg/Include/Library/VariableKeyLib.h > index 561ebad09da2..6076c4d4731b 100644 > --- a/SecurityPkg/Include/Library/VariableKeyLib.h > +++ b/SecurityPkg/Include/Library/VariableKeyLib.h > @@ -1,13 +1,13 @@ > /** @file > Public definitions for Variable Key Library. >=20 > -Copyright (c) 2020, Intel Corporation. All rights reserved.
> +Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > **/ >=20 > -#ifndef _VARIABLE_KEY_LIB_H_ > -#define _VARIABLE_KEY_LIB_H_ > +#ifndef VARIABLE_KEY_LIB_H_ > +#define VARIABLE_KEY_LIB_H_ >=20 > #include >=20 > @@ -25,35 +25,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > EFI_STATUS > EFIAPI > GetVariableKey ( > - OUT VOID **VariableKey, > - IN OUT UINTN *VariableKeySize > - ); > - > -/** > - Regenerates the variable key. > - > - @retval EFI_SUCCESS The variable key was regenerated= successfully. > - @retval EFI_DEVICE_ERROR An error occurred while attempti= ng to > regenerate the key. > - @retval EFI_ACCESS_DENIED The function was invoked after l= ocking > the key interface. > - @retval EFI_UNSUPPORTED Key regeneration is not supporte= d in the > current boot configuration. > -**/ > -EFI_STATUS > -EFIAPI > -RegenerateVariableKey ( > - VOID > - ); > - > -/** > - Locks the regenerate key interface. > - > - @retval EFI_SUCCESS The key interface was locked suc= cessfully. > - @retval EFI_UNSUPPORTED Locking the key interface is not= supported > in the current boot configuration. > - @retval Others An error occurred while attempti= ng to lock the > key interface. > -**/ > -EFI_STATUS > -EFIAPI > -LockVariableKeyInterface ( > - VOID > + OUT VOID *VariableKey, > + IN UINTN VariableKeySize > ); >=20 > #endif > -- > 2.35.1.windows.2